
ISC SSCP - Systems Security Certified Practitioner


Virus scanning and content inspection of S/MIME-encrypted e-mail without doing any further processing is:

A. Not possible

B. Only possible with key recovery scheme of all user keys

C. It is possible only if X.509 Version 3 certificates are used

D. It is possible only by "brute force" decryption

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

A. Stealth viruses

B. Polymorphic viruses

C. Trojan horses

D. Logic bombs

In computing, what is the name of a non-self-replicating type of malware program that appears to have some useful purpose but also contains code with a malicious or harmful purpose embedded in it and that, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data and possible system harm?

A. virus

B. worm

C. Trojan horse.

D. trapdoor

Java is not:

A. Object-oriented.

B. Distributed.

C. Architecture Specific.

D. Multithreaded.

Controls are implemented to:

A. eliminate risk and reduce the potential for loss

B. mitigate risk and eliminate the potential for loss

C. mitigate risk and reduce the potential for loss

D. eliminate risk and eliminate the potential for loss

In the course of responding to and handling an incident, you work on determining the root cause of the incident. Which step are you in?

A. Recovery

B. Containment

C. Triage

D. Analysis and tracking

Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?

A. Alternate site selection

B. Create data-gathering techniques

C. Identify the company’s critical business functions

D. Select individuals to interview for data gathering

Which backup type run at regular intervals would take the least time to complete?

A. Full Backup

B. Differential Backup

C. Incremental Backup

D. Disk Mirroring

Which of the following is a large hardware/software backup system that uses the RAID technology?

A. Tape Array.

B. Scale Array.

C. Crimson Array

D. Table Array.

How often should tests and disaster recovery drills be performed?

A. At least once a quarter

B. At least once every 6 months

C. At least once a year

D. At least once every 2 years

What can be defined as a momentary low voltage?

A. Spike

B. Sag

C. Fault

D. Brownout

Which of the following is NOT a transaction redundancy implementation?

A. on-site mirroring

B. Electronic Vaulting

C. Remote Journaling

D. Database Shadowing

Contracts and agreements are oftentimes unenforceable or hard to enforce in which of the following alternate facility recovery agreements?

A. hot site

B. warm site

C. cold site

D. reciprocal agreement

To understand the 'whys' in crime, many times it is necessary to understand MOM. Which of the following is not a component of MOM?

A. Opportunities

B. Methods

C. Motivation

D. Means

Which type of attack would a competitive intelligence attack be best classified as?

A. Business attack

B. Intelligence attack

C. Financial attack

D. Grudge attack

During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable?

A. Measurement of accuracy

B. Elapsed time for completion of critical tasks

C. Quantitatively measuring the results of the test

D. Evaluation of the observed test results

Which of the following statements pertaining to disaster recovery planning is incorrect?

A. Every organization must have a disaster recovery plan

B. A disaster recovery plan contains actions to be taken before, during and after a disruptive event.

C. The major goal of disaster recovery planning is to provide an organized way to make decisions if a disruptive event occurs.

D. A disaster recovery plan should cover return from alternate facilities to primary facilities.

Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):

A. Notifying senior management of the start of the assessment.

B. Creating data gathering techniques.

C. Identifying critical business functions.

D. Calculating the risk for each different business function.

Which of the following backup methods must be made regardless of whether Differential or Incremental methods are used?

A. Full Backup Method.

B. Incremental backup method.

C. Supplemental backup method.

D. Tape backup method.

When first analyzing an intrusion that has just been detected and confirming that it is a true positive, which of the following actions should be done as a first step if you wish to prosecute the attacker in court?

A. Back up the compromised systems.

B. Identify the attacks used to gain access.

C. Capture and record system information.

D. Isolate the compromised systems.